Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/9RxrvoBmSTF55bVvt63dqs_PNYU.roa
File: 9RxrvoBmSTF55bVvt63dqs_PNYU.roa (raw, json)
Hash identifier: Iaon14eVM1IB/ZFmSbwkrKtH4FxnigNZ6AjVI64MGYo=
Subject key identifier: F5:1C:6B:BE:80:66:49:31:79:E5:B5:6F:B7:AD:DD:AA:CF:CF:35:85
Certificate issuer: /CN=0291d4de130da6aace22ed99650be182497e0bcf
Certificate serial: 018CC64999BD07793DCA5E93AEB756B0F6BD
Authority key identifier: 02:91:D4:DE:13:0D:A6:AA:CE:22:ED:99:65:0B:E1:82:49:7E:0B:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ApHU3hMNpqrOIu2ZZQvhgkl-C88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/9RxrvoBmSTF55bVvt63dqs_PNYU.roa
Signing time: Mon 01 Jan 2024 18:29:21 +0000
ROA not before: Mon 01 Jan 2024 18:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25415
IP address blocks: 193.107.184.0/22 maxlen: 22
185.27.8.0/22 maxlen: 22
2a0c:9bc0::/29 maxlen: 29
2a00:8920::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ApHU3hMNpqrOIu2ZZQvhgkl-C88.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ApHU3hMNpqrOIu2ZZQvhgkl-C88.mft
rsync://rpki.ripe.net/repository/DEFAULT/ApHU3hMNpqrOIu2ZZQvhgkl-C88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:99:bd:07:79:3d:ca:5e:93:ae:b7:56:b0:f6:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0291d4de130da6aace22ed99650be182497e0bcf
Validity
Not Before: Jan 1 18:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f51c6bbe8066493179e5b56fb7adddaacfcf3585
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9b:86:5d:f6:6e:97:e8:c1:c3:0e:a8:2f:20:
f2:47:df:f1:f5:a8:ad:9d:6a:0c:a0:93:69:c6:b9:
a7:5f:07:6a:47:61:77:7a:92:f2:9f:08:0f:87:f4:
cb:1d:b6:a7:3f:5b:14:7f:12:e6:6c:54:28:8c:64:
5e:e1:41:17:76:30:98:de:75:ff:25:de:ea:d3:fb:
11:ff:50:f4:19:17:37:4c:7a:ca:70:c7:6c:bf:bd:
83:54:25:fc:11:57:36:1a:d2:99:82:b6:e4:4d:67:
7a:2a:12:8a:1c:05:af:a1:e5:0f:6f:ba:96:4c:a7:
15:b4:7f:2c:1c:90:c3:9a:70:9d:e3:95:de:bb:70:
4a:d8:43:30:e8:53:f3:13:3f:52:7c:ea:80:6c:82:
0c:07:99:64:af:9e:dc:98:c7:f7:0a:fd:23:02:12:
57:9e:cf:9d:7f:e1:9c:52:67:88:aa:84:80:41:ca:
8e:b0:0d:9d:92:e1:03:1f:e9:c2:b3:57:31:20:00:
14:1e:83:90:85:4c:88:0c:ea:04:0d:c5:23:39:b2:
c3:22:21:8c:ba:c4:dd:89:4c:26:41:40:7b:cb:68:
e2:34:71:cc:61:cc:cf:63:29:5c:ff:e9:93:22:ef:
09:50:47:a2:bd:9d:f3:90:f5:92:5f:93:64:80:23:
2a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:1C:6B:BE:80:66:49:31:79:E5:B5:6F:B7:AD:DD:AA:CF:CF:35:85
X509v3 Authority Key Identifier:
keyid:02:91:D4:DE:13:0D:A6:AA:CE:22:ED:99:65:0B:E1:82:49:7E:0B:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ApHU3hMNpqrOIu2ZZQvhgkl-C88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/9RxrvoBmSTF55bVvt63dqs_PNYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/a9a479-9e2f-4cb0-8ded-7781681077f7/1/ApHU3hMNpqrOIu2ZZQvhgkl-C88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.27.8.0/22
193.107.184.0/22
IPv6:
2a00:8920::/32
2a0c:9bc0::/29
Signature Algorithm: sha256WithRSAEncryption
02:3d:40:f8:a3:c7:9e:ed:7d:a3:8f:80:83:23:54:78:50:05:
d4:20:6f:44:1d:f0:8e:ff:b2:c3:7b:3d:d5:3f:63:5e:bc:32:
26:91:4f:5c:80:66:6a:dc:d3:46:43:d6:53:c6:1a:55:1f:4f:
a7:85:0b:71:cb:4d:6f:5c:69:4b:f6:76:a1:7b:3a:e1:a7:19:
47:ae:06:41:3b:c9:50:de:a4:18:73:7d:bd:6e:0e:50:5d:16:
54:5d:9e:6e:15:20:63:97:ff:ce:e5:29:93:5f:77:6d:34:2e:
47:b3:aa:08:73:ff:73:fa:2b:47:d6:3e:53:73:7d:7f:2c:80:
86:cf:af:69:cf:6b:3a:11:b4:53:fd:ac:36:45:ab:7f:d5:48:
0f:0e:10:d6:40:7e:98:84:28:e1:3c:7f:44:47:03:96:3c:48:
22:d8:c0:86:8b:6f:f3:75:62:cb:21:57:7b:fe:c2:3c:19:c9:
1e:1e:eb:7c:1d:9a:92:e2:9e:90:74:d1:58:7c:36:27:97:42:
38:c8:a5:37:40:e5:ae:70:f2:8e:2c:37:ec:bd:d3:31:14:f8:
ee:fa:0f:c3:73:4b:d6:e3:5e:2f:67:dc:17:96:81:82:63:08:
4b:f2:d9:c8:53:5f:01:46:a0:86:f8:51:25:c6:9b:20:8d:5e:
d6:97:28:9d
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzGSZm9B3k9yl6TrrdWsPa9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyOTFkNGRlMTMwZGE2YWFjZTIyZWQ5OTY1MGJlMTgyNDk3
ZTBiY2YwHhcNMjQwMTAxMTgyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTFjNmJiZTgwNjY0OTMxNzllNWI1NmZiN2FkZGRhYWNmY2YzNTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJuGXfZul+jBww6oLyDyR9/x9ait
nWoMoJNpxrmnXwdqR2F3epLynwgPh/TLHbanP1sUfxLmbFQojGRe4UEXdjCY3nX/
Jd7q0/sR/1D0GRc3THrKcMdsv72DVCX8EVc2GtKZgrbkTWd6KhKKHAWvoeUPb7qW
TKcVtH8sHJDDmnCd45Xeu3BK2EMw6FPzEz9SfOqAbIIMB5lkr57cmMf3Cv0jAhJX
ns+df+GcUmeIqoSAQcqOsA2dkuEDH+nCs1cxIAAUHoOQhUyIDOoEDcUjObLDIiGM
usTdiUwmQUB7y2jiNHHMYczPYylc/+mTIu8JUEeivZ3zkPWSX5NkgCMqxQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPUca76AZkkxeeW1b7et3arPzzWFMB8GA1UdIwQY
MBaAFAKR1N4TDaaqziLtmWUL4YJJfgvPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXBIVTNoTU5wcXJPSXUyWlpRdmhna2wtQzg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9hOWE0NzktOWUyZi00Y2IwLThkZWQt
Nzc4MTY4MTA3N2Y3LzEvOVJ4cnZvQm1TVEY1NWJWdnQ2M2Rxc19QTllVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9hOWE0NzktOWUyZi00Y2IwLThkZWQtNzc4MTY4MTA3N2Y3
LzEvQXBIVTNoTU5wcXJPSXUyWlpRdmhna2wtQzg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuRsIAwQC
wWu4MBQEAgACMA4DBQAqAIkgAwUDKgybwDANBgkqhkiG9w0BAQsFAAOCAQEAAj1A
+KPHnu19o4+AgyNUeFAF1CBvRB3wjv+yw3s91T9jXrwyJpFPXIBmatzTRkPWU8Ya
VR9Pp4ULcctNb1xpS/Z2oXs64acZR64GQTvJUN6kGHN9vW4OUF0WVF2ebhUgY5f/
zuUpk193bTQuR7OqCHP/c/orR9Y+U3N9fyyAhs+vac9rOhG0U/2sNkWrf9VIDw4Q
1kB+mIQo4Tx/REcDljxIItjAhotv83ViyyFXe/7CPBnJHh7rfB2akuKekHTRWHw2
J5dCOMilN0DlrnDyjiw37L3TMRT47voPw3NL1uNeL2fcF5aBgmMIS/LZyFNfAUag
hvhRJcabII1e1pconQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:38:11 2024 by rpki-client on console-fra.rpki-client.org